3 # ssh-host-config, Copyright 2000, Red Hat Inc.
5 # This file is part of the Cygwin port of OpenSSH.
7 # Subdirectory where the new package is being installed
10 # Directory where the config files are stored
13 # Subdirectory where an old package might be installed
# NOTE(review): ${OLDPREFIX} is assigned on a line not shown in this listing.
# If it were ever empty, this would evaluate to /etc, and the unquoted cp/rm
# paths built from both variables further down would point at the live system
# directories -- confirm it is always set to a non-empty path.
15 OLDSYSCONFDIR=${OLDPREFIX}/etc
# Yes/no prompt logic; presumably the body of the request helper called
# further down (its header is not visible in this listing -- TODO confirm).
# NOTE(review): when auto_answer is "yes" every question is confirmed without
# a prompt, including the ones that erase the old installation and overwrite
# existing ssh_config/sshd_config files.
22 if [ "${auto_answer}" = "yes" ]
25 elif [ "${auto_answer}" = "no" ]
# Keep asking until the reply is exactly "yes" or "no". The leading X keeps
# test from misparsing an empty or dash-leading ${answer}.
31 while [ "X${answer}" != "Xyes" -a "X${answer}" != "Xno" ]
# $1 is the question text supplied by the caller.
33 echo -n "$1 (yes/no) "
36 if [ "X${answer}" = "Xyes" ]
# Help text. Per the wording below, --yes and --no apply one answer to every
# question the script asks, not to individual prompts.
71 echo "usage: ${progname} [OPTION]..."
73 echo "This script creates an OpenSSH host configuration."
76 echo " --debug -d Enable shell's debug output."
77 echo " --yes -y Answer all questions with \"yes\" automatically."
78 echo " --no -n Answer all questions with \"no\" automatically."
86 # Check for running ssh/sshd processes first. Refuse to do anything while
87 # some ssh processes are still running
# NOTE(review): this is a substring match on the whole `ps -ef` line, so any
# entry containing "ssh" anywhere (an agent, an unrelated tool, a user name)
# triggers the message below. Matching on the process name only would be more
# precise -- TODO confirm what ps prints on the target platform.
89 if ps -ef | grep -v grep | grep -q ssh
92 echo "There are still ssh processes running. Please shut them down first."
97 # Check for ${SYSCONFDIR} directory
# Something that exists at ${SYSCONFDIR} but is not a directory is reported
# as an error.
99 if [ -e "${SYSCONFDIR}" -a ! -d "${SYSCONFDIR}" ]
102 echo "${SYSCONFDIR} is existant but not a directory."
103 echo "Cannot create global configuration files."
108 # Create it if necessary
# NOTE(review): mkdir is called without an explicit mode, so the directory's
# permissions follow the caller's umask; the host private keys are generated
# into this directory later. Success is judged by re-testing -e rather than
# by mkdir's exit status.
110 if [ ! -e "${SYSCONFDIR}" ]
112 mkdir "${SYSCONFDIR}"
113 if [ ! -e "${SYSCONFDIR}" ]
116 echo "Creating ${SYSCONFDIR} directory failed"
122 # Check for an old installation in ${OLDPREFIX}, but only when
123 # ${OLDPREFIX} differs from ${PREFIX}
126 if [ "${OLDPREFIX}" != "${PREFIX}" ]
# The presence of the old sshd binary is what marks an old installation.
128 if [ -f "${OLDPREFIX}/sbin/sshd" ]
131 echo "You seem to have an older installation in ${OLDPREFIX}."
133 # Check if old global configuration files exist
134 if [ -f "${OLDSYSCONFDIR}/ssh_host_key" ]
136 if request "Do you want to copy your config files to your new installation?"
# NOTE(review): only ssh_host_key was tested for existence above, yet six
# files are copied; a missing one makes cp fail and no status check is visible
# between these lines. The expansions are unquoted, so a path containing
# spaces would be split into several arguments. cp is used without -p, so the
# copied private host keys get permissions from the current umask rather than
# from the originals -- they should end up readable by the owner only.
138 cp -f ${OLDSYSCONFDIR}/ssh_host_key ${SYSCONFDIR}
139 cp -f ${OLDSYSCONFDIR}/ssh_host_key.pub ${SYSCONFDIR}
140 cp -f ${OLDSYSCONFDIR}/ssh_host_dsa_key ${SYSCONFDIR}
141 cp -f ${OLDSYSCONFDIR}/ssh_host_dsa_key.pub ${SYSCONFDIR}
142 cp -f ${OLDSYSCONFDIR}/ssh_config ${SYSCONFDIR}
143 cp -f ${OLDSYSCONFDIR}/sshd_config ${SYSCONFDIR}
# NOTE(review): the list below includes the old host keys. If this question
# is asked independently of the copy question (the closing fi lines are not
# visible here -- TODO confirm), answering "no" to copying and "yes" to
# erasing discards the old host identity, and clients will then see a changed
# host key. The rm paths are unquoted and built from ${OLDPREFIX}; with an
# empty value they would resolve to /bin, /sbin and /man.
146 if request "Do you want to erase your old installation?"
148 rm -f ${OLDPREFIX}/bin/ssh.exe
149 rm -f ${OLDPREFIX}/bin/ssh-config
150 rm -f ${OLDPREFIX}/bin/scp.exe
151 rm -f ${OLDPREFIX}/bin/ssh-add.exe
152 rm -f ${OLDPREFIX}/bin/ssh-agent.exe
153 rm -f ${OLDPREFIX}/bin/ssh-keygen.exe
154 rm -f ${OLDPREFIX}/bin/slogin
155 rm -f ${OLDSYSCONFDIR}/ssh_host_key
156 rm -f ${OLDSYSCONFDIR}/ssh_host_key.pub
157 rm -f ${OLDSYSCONFDIR}/ssh_host_dsa_key
158 rm -f ${OLDSYSCONFDIR}/ssh_host_dsa_key.pub
159 rm -f ${OLDSYSCONFDIR}/ssh_config
160 rm -f ${OLDSYSCONFDIR}/sshd_config
161 rm -f ${OLDPREFIX}/man/man1/ssh.1
162 rm -f ${OLDPREFIX}/man/man1/scp.1
163 rm -f ${OLDPREFIX}/man/man1/ssh-add.1
164 rm -f ${OLDPREFIX}/man/man1/ssh-agent.1
165 rm -f ${OLDPREFIX}/man/man1/ssh-keygen.1
166 rm -f ${OLDPREFIX}/man/man1/slogin.1
167 rm -f ${OLDPREFIX}/man/man8/sshd.8
168 rm -f ${OLDPREFIX}/sbin/sshd.exe
169 rm -f ${OLDPREFIX}/sbin/sftp-server.exe
175 # First generate host keys if not already existing
# NOTE(review): all three keys are created with an empty passphrase (-N ''),
# which is normal for host keys but leaves file permissions as the only
# protection for the private halves. Only stdout is discarded; no exit-status
# check is visible in this listing, so the script appears to continue even if
# ssh-keygen fails -- TODO confirm.
# "rsa1" is an SSH protocol 1 key and "dsa" is a legacy key type; later
# OpenSSH releases dropped protocol 1 and deprecated DSA, so on a current
# system only the rsa key (or a newer type) is worth generating.
177 if [ ! -f "${SYSCONFDIR}/ssh_host_key" ]
179 echo "Generating ${SYSCONFDIR}/ssh_host_key"
180 ssh-keygen -t rsa1 -f ${SYSCONFDIR}/ssh_host_key -N '' > /dev/null
183 if [ ! -f "${SYSCONFDIR}/ssh_host_rsa_key" ]
185 echo "Generating ${SYSCONFDIR}/ssh_host_rsa_key"
186 ssh-keygen -t rsa -f ${SYSCONFDIR}/ssh_host_rsa_key -N '' > /dev/null
189 if [ ! -f "${SYSCONFDIR}/ssh_host_dsa_key" ]
191 echo "Generating ${SYSCONFDIR}/ssh_host_dsa_key"
192 ssh-keygen -t dsa -f ${SYSCONFDIR}/ssh_host_dsa_key -N '' > /dev/null
195 # Check if ssh_config exists. If yes, ask for overwriting
197 if [ -f "${SYSCONFDIR}/ssh_config" ]
199 if request "Overwrite existing ${SYSCONFDIR}/ssh_config file?"
# The old file is removed first; if it is still there afterwards the removal
# failed and the message below is printed.
201 rm -f "${SYSCONFDIR}/ssh_config"
202 if [ -f "${SYSCONFDIR}/ssh_config" ]
204 echo "Can't overwrite. ${SYSCONFDIR}/ssh_config is write protected."
209 # Create default ssh_config from here script
211 if [ ! -f "${SYSCONFDIR}/ssh_config" ]
213 echo "Generating ${SYSCONFDIR}/ssh_config file"
# NOTE(review): the here-document delimiter is unquoted, so the shell expands
# any $ or backquote inside the template before writing it; the visible lines
# contain none, but a future template line using them would be rewritten
# silently. The redirect target is unquoted as well.
# In the template, "StrictHostKeyChecking no" and the Rhosts* options appear
# only as commented-out examples; enabling the former makes the client accept
# unknown host keys without asking. ~/.ssh/identity is the protocol 1
# identity file.
214 cat > ${SYSCONFDIR}/ssh_config << EOF
215 # This is ssh client systemwide configuration file. This file provides
216 # defaults for users, and the values can be changed in per-user configuration
217 # files or on the command line.
219 # Configuration data is parsed as follows:
220 # 1. command line options
221 # 2. user-specific file
222 # 3. system-wide file
223 # Any configuration value is only changed the first time it is set.
224 # Thus, host-specific definitions should be at the beginning of the
225 # configuration file, and defaults at the end.
227 # Site-wide defaults for various options
232 # RhostsAuthentication yes
233 # RhostsRSAAuthentication yes
234 # RSAAuthentication yes
235 # PasswordAuthentication yes
240 # StrictHostKeyChecking no
246 # Be paranoid by default
252 # Try authentification with the following identities
253 IdentityFile ~/.ssh/identity
254 IdentityFile ~/.ssh/id_rsa
255 IdentityFile ~/.ssh/id_dsa
259 # Check if sshd_config exists. If yes, ask for overwriting
261 if [ -f "${SYSCONFDIR}/sshd_config" ]
263 if request "Overwrite existing ${SYSCONFDIR}/sshd_config file?"
# The old file is removed first; if it is still there afterwards the removal
# failed and the message below is printed.
265 rm -f "${SYSCONFDIR}/sshd_config"
266 if [ -f "${SYSCONFDIR}/sshd_config" ]
268 echo "Can't overwrite. ${SYSCONFDIR}/sshd_config is write protected."
273 # Create default sshd_config from here script
275 if [ ! -f "${SYSCONFDIR}/sshd_config" ]
277 echo "Generating ${SYSCONFDIR}/sshd_config file"
# NOTE(review): points worth checking in the template written below.
#  - ListenAddress 0.0.0.0 makes the daemon listen on every IPv4 interface;
#    restrict it where the host has interfaces that should not offer ssh.
#  - The HostKey paths are hard-coded to /etc, while the keys above are
#    generated under ${SYSCONFDIR}; they only match if SYSCONFDIR is /etc
#    (its value is not visible in this listing).
#  - The visible defaults disable rhosts-based and password logins and empty
#    passwords, and leave RSAAuthentication on. RSAAuthentication,
#    KeyRegenerationInterval and /etc/ssh_host_key are protocol 1 settings.
#  - The here-document delimiter is unquoted, so $ and backquotes in the
#    template would be expanded by the shell.
278 cat > ${SYSCONFDIR}/sshd_config << EOF
279 # This is ssh server systemwide configuration file.
284 ListenAddress 0.0.0.0
287 # Uncomment the following lines according to the used authentication
288 HostKey /etc/ssh_host_key
289 HostKey /etc/ssh_host_rsa_key
290 HostKey /etc/ssh_host_dsa_key
293 KeyRegenerationInterval 3600
296 # Don't read ~/.rhosts and ~/.shosts files
298 # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
299 #IgnoreUserKnownHosts yes
309 #obsoletes QuietMode and FascistLogging
311 RhostsAuthentication no
313 # For this to work you will also need host keys in /etc/ssh_known_hosts
314 RhostsRSAAuthentication no
316 # To install for logon to different user accounts change to "no" here
317 RSAAuthentication yes
319 # To install for logon to different user accounts change to "yes" here
320 PasswordAuthentication no
322 PermitEmptyPasswords no
327 #Uncomment if you want to enable sftp
328 #Subsystem sftp /usr/sbin/sftp-server
329 #MaxStartups 10:30:60
333 # Add port 22/tcp to services
# expr prints how many leading characters of $_sys match "CYGWIN_NT"; $_sys
# is set on a line not shown here. The two pairs of assignments below are
# presumably the NT and non-NT branches -- TODO confirm.
335 _nt=`expr "$_sys" : "CYGWIN_NT"`
# NOTE(review): the scratch file name is derived from the shell's PID ($$)
# and placed next to the services file, so it is predictable. That is only
# acceptable while the directory is writable by administrators alone, which
# cannot be assumed for the ${WINDIR} variant.
338 _wservices="${SYSTEMROOT}\\system32\\drivers\\etc\\services"
339 _wserv_tmp="${SYSTEMROOT}\\system32\\drivers\\etc\\srv.out.$$"
341 _wservices="${WINDIR}\\SERVICES"
342 _wserv_tmp="${WINDIR}\\SERV.$$"
# Translate the Windows paths to POSIX form for the tools used below.
344 _services=`cygpath -u "${_wservices}"`
345 _serv_tmp=`cygpath -u "${_wserv_tmp}"`
347 mount -b -f "${_wservices}" "${_services}"
348 mount -b -f "${_wserv_tmp}" "${_serv_tmp}"
# NOTE(review): inside a grep bracket expression "\t" is a backslash and the
# letter t, not a tab, so an existing entry whose fields are separated by a
# tab is not recognised and a second sshd line would be inserted.
350 if [ `grep -q 'sshd[ \t][ \t]*22' "${_services}"; echo $?` -ne 0 ]
# The sshd line is emitted just before the 23/tcp entry. If the file has no
# 23/tcp line nothing is inserted, yet the file is still replaced and the
# success message below is printed.
352 awk '{ if ( $2 ~ /^23\/tcp/ ) print "sshd 22/tcp #SSH daemon\r"; print $0; }' < "${_services}" > "${_serv_tmp}"
353 if [ -f "${_serv_tmp}" ]
# NOTE(review): mv replaces the services file with the scratch file, so the
# result carries the scratch file's ownership and permissions rather than
# the original's -- verify them after the run.
355 if mv "${_serv_tmp}" "${_services}"
357 echo "Added sshd to ${_services}"
359 echo "Adding sshd to ${_services} failed\!"
363 echo "Adding sshd to ${_services} failed\!"
367 umount "${_services}"
368 umount "${_serv_tmp}"
370 # Add sshd line to inetd.conf
371 if [ -f /etc/inetd.conf ]
# The appended entry starts with "#", so it is added disabled; once someone
# uncomments it, inetd starts "sshd -i" as root for each connection.
# NOTE(review): "\t" inside the bracket expression is a backslash and the
# letter t, not a tab, so a tab-indented sshd entry is not detected and the
# line is appended again on a later run.
373 grep -q "^[# \t]*sshd" /etc/inetd.conf || echo "# sshd stream tcp nowait root /usr/sbin/sshd -i" >> /etc/inetd.conf
# old_install is set on a line not shown in this listing; presumably it
# records that an older installation was found -- TODO confirm.
376 if [ "${old_install}" = "1" ]
379 echo "Note: If you have used sshd as service or from inetd, don't forget to"
380 echo " change the path to sshd.exe in the service entry or in inetd.conf."
384 echo "Host configuration finished. Have fun!"